Spooks nicking your tech? What you need is THE CLOUD - NSA boss Nations swiping intellectual property from rival states and corporations are a much greater threat to economies than private cyber-criminals, America's spymaster reckons. General Keith Alexander, National Security Agency (NSA) director and commander of US Cyber Command, made his comments during the NATO-organised CyCon …
"Contrary to what you have heard, the NSA cannot see an attack going into Wall Street unless someone tells us about it," Gen. Alexander claimed
*cough*Utah*cough*AcresOfComputingPower*cough*
All this coming from the agency that acted illegally by it's own nations laws by spying on American citizens. The same agency that thanks to the likes of the PATRIOT Act has the sort of unquestioned access that all those other states would love to have.
I'm not sure what else needs to be said. They can't even abide by their own rules and they have the gall to think they should be giving tips to anybody else on this sort of thing?
Also...
http://www.guardian.co.uk/world/2013/jun/06/nsa-phone-records-verizon-court-order
Verizon order: NSA collecting phone records of millions of Americans daily
Exclusive: Top secret court order requiring Verizon to hand over all call data shows scale of domestic surveillance under Obama
[...]
The order, a copy of which has been obtained by the Guardian, requires Verizon on an "ongoing, daily basis" to give the NSA information on all telephone calls in its systems, both within the US and between the US and other countries.
From the same article:
The document shows for the first time that under the Obama administration the communication records of millions of US citizens are being collected indiscriminately and in bulk – regardless of whether they are suspected of any wrongdoing.
'Change we can believe in'?
This may be a stupid question, but then I'm not American - doesn't this sort of thing go against the 4th amendment?
This may be a stupid question, but then I'm not American - doesn't this sort of thing go against the 4th amendment?
Here is the text of the 4th Amendment to the US constitution:
"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."
In the case mentioned, there was a warrant issued by a judge based on a request (testimony) by the [No Such Agency]. The details are not public, which is not uncommon in time-sensitive legal cases, <UNDERSTATE>but has been abused before</UNDERSTATE>. I have no idea how often this happens, but there is the possibility that it has in this case. The tip-off would be that the details are never released or are obfuscated.
The subpoenaed records coincide with the investigation into the Boston Marathon bombings and only (as far as has been leaked) involves phone logs, not content. It is possible that this is what investigators are after, but have not surprisingly refused to comment directly on the issue.
Besides the concern over the secrecy of the investigation, which may be justified, is that the warrant was overly-broad. This last might violate the constitution, but it is unclear as to who would bring suit. The only ramifications are likely to be political and looked at as the price of doing business.
My opinion on the head of NSA trying to move all secure data to the cloud is so they can get a copy of it.
Sure, distributed networks which aren't maintained properly isn't a good situation. But moving all your secure data to one cloud infrastructure and painting a huge target on it is not necessarily the best idea ever either.
Yes, I do suppose that is the sort of attack that they mean, AC, if disruptive is to also be destructive. However …. we haven't even started to consider the shenanigans unleashed whenever creative and constructive attacks swarm out of systems and enterprising organisations in CHAOS and Intelligent Cloud Phormations. And please be advised to remember and not forget this, and the following big little fact which be both a convenient and inconvenient truth, which only the very best of the very best will ever be able and/or enabled to handle.
There is no possibility, and therefore there will never be a probability nor any availability, of any sort of defence against the zeroday vulnerability exploit, which be for export and import and commercialisation, which in most every weak human and earthed system is manifest and highly valued with a great fiat currency monetisation, in Clouds Hosting Advanced Operating Systems.
And quite heavenly and a right devil of a novel and noble job it be too in IT, to have Intelligent Cloud Phormations as Global Operating Devices in Super Invisible Support and Stealthy Astute Maintenance of the Future in Virtual Mastery of IMPerfect Starring Role Plays. ....... :-) Big Brother Constructs that leave the likes of British Broadcasting Corporations floundering in the Enlightenment of ITs PowerD Control Wakes/Tempestuous Channels and Titanic Rains.
Parse that and come back to me with the register whenever you can make great sense of it, for it speaks the truth of the current problem which has nations not speaking peace unto nations and leaderships disgraced on the presented aired evidence of their ignorance and arrogance.
Nothing about "cloud-like architectures" - what Gen. Alexander actually recommended - requires one to rent computer services from Amazon, Google, Microsoft, or another public provider that some of the more cautious/skeptical/paranoid among us might consider possible agents of the US Government.. To a first approximation, these "cloud like architectures" represent a reimplementation of the mainframe concept, and Amazon, Google, et. al. provide the revised version of the service bureau of a half century past that made Ross Perot a wealthy man.
Current cloud-in-a-box offerings from several vendors seem to be precisely the sort of thing Gen. Alexander is recommending: high capacity scaleable units that can be managed and safeguarded more easily, effectively, and cheaply than spread out networks of assorted equipment, each with its own set of vulnerabilities. You may suspect Gen. Alexander's or the government's motives, but there is considerable merit in this recommendation, properly understood.
The question of whether to buy and manage your own cloud or rent service from an external provider is a management choice involving balancing risk and cost. In view of the average competence of IT managements it could well be lower in both cost and risk to rent from large scale providers whose employees may have more expertise than those available for hire locally; and that could be true even with the possibility of things like NSA eavesdropping and penetration.
Except.. the same people that would not patch their individual computers would then instead have a private cloud with out of date, insecure software on it. Of course, even having secure servers, this overlooks what may be a big source of data leaks -- the servers are uncompromised, but the client system is compromised, and can then be used to pilfer data.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
